In light of the recent hacker attack on MA, I thought I'd offer some crapware removal and prevention tips to my fellow MA users. It’s basic but should be helpful. Everything in this post is free; some have payment options but none require it.

It’s completely free, reasonably effective and works on at least some versions of the fake antivirus crapwares.

Note 1: On the results page for the scan it will ask if you want to get the full program; just click “I’m not ready to be protected yet” (or whatever they are saying now).

Note 2: If it says it needs to restart to remove something, after you click restart, pull ALL internet and/or network connections immediately and do NOT reconnect them until your computer is fully restarted. Don’t question it, just do it, it’s important.

----------------------------

Now update and run full scans with your antivirus/antispyware program(s).

----------------------------

The following helps prevent future infections and, as a side effect, blocks a lot of ads.

Open ZonedOut, change your current key to “local machine” and your current zone to “Restricted Zone”. Now click Menu->Import/Export Sites->Import from File, then find the text files from ie-spyad and import, at a bare minimum, ie-ads; ie-nfe and adult in the adult folder are a good idea as well, since if they block a site you really want you can unblock it by finding its URL in the list, clicking that entry to select it, then right-clicking it and going to “Remove Sites”->Delete Entry(s). Once you have imported the list(s), change your current key back to current user and close ZonedOut.

Now open Internet Explorer. Click Tools->Internet Options->Security, then click “Restricted Sites” and set that to High. If you have the option, make sure that your “Enable Protected Mode” box is checked.

Note 3: If you followed my steps above, ZonedOut works for everyone that uses the computer, BUT SpywareBlaster MUST be installed for each user.

This is a quick help file I tossed together; if you guys want it, I’ll write up a proper guide at a less ungodly hour.
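
To check the ZonedOut import described in the post above, here is an added example (not part of the original post, and not ZonedOut's own code): a read-only PowerShell listing of Restricted Zone entries per registry hive. It assumes the imported sites land in Internet Explorer's standard ZoneMap\Domains keys (HKLM for “local machine”, HKCU for current user); the function name is hypothetical.

```powershell
# Added example (read-only): list Internet Explorer Restricted Zone site mappings.
# Assumption: the imported sites are stored under the standard ZoneMap\Domains keys.
$ZoneMap    = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains'
$Restricted = 4   # IE zone number for "Restricted sites"

function Get-RestrictedSite {   # hypothetical helper name
    param([ValidateSet('HKLM', 'HKCU')][string]$Hive)
    $root = "${Hive}:\$ZoneMap"
    if (-not (Test-Path $root)) { return }
    Get-ChildItem -Path $root -Recurse -ErrorAction SilentlyContinue | ForEach-Object {
        $key = $_
        foreach ($name in $key.GetValueNames()) {
            # Value name is the protocol ("*", "http", ...); value data is the zone number.
            if ($key.GetValue($name) -eq $Restricted) {
                # Path below Domains is "example.com" or "example.com\www" (subdomain as subkey).
                $rel   = $key.Name.Substring($key.Name.IndexOf('\Domains\') + 9)
                $parts = $rel.Split('\')
                [array]::Reverse($parts)
                [pscustomobject]@{ Hive = $Hive; Site = ($parts -join '.'); Protocol = $name }
            }
        }
    }
}

$sites = foreach ($hive in 'HKLM', 'HKCU') { Get-RestrictedSite -Hive $hive }

# How many restricted entries each hive holds.
$sites | Group-Object Hive | Select-Object Name, Count | Format-Table -AutoSize

# Entries that exist only for the current user do not cover other accounts on the machine.
$machineWide = @($sites | Where-Object { $_.Hive -eq 'HKLM' } | ForEach-Object { $_.Site })
$sites | Where-Object { $_.Hive -eq 'HKCU' -and $machineWide -notcontains $_.Site } |
    Sort-Object Site -Unique | Select-Object -First 20 Site, Protocol
```

If the HKLM count is zero after the import, the list was most likely imported while the current key was still set to current user.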

It could just be a coincidence, but around the time this site was attacked I experienced a rootkit infection. The symptoms were Google links redirecting me to spam/spyware sites and all firewall/antivirus/anti-spyware programs being unable to update themselves.

Out of morbid curiosity, did anyone catch the Vundo/Virtumonde trojan? I seem to have been smote with it around when MA went down.
This thing is a pain in the ass. Hardly any anti-virus programs (avast!, AVG, etc. etc.) are able to remove it.

Not sure if that's just me, or if anyone else caught it. If anyone did, and your Antivirus doesn't catch/remove it, SpywareDoctor is said to be able to get it off. Or Ad-Aware, which I am using right now in an attempt to find and delete it. Ad-Aware has a free version, and SpywareDoctor has a demo (you can scan, but you can't remove).

Edit:
Symptoms for Vundo/Virtumonde include:

-Various to large amount of pop-ups urging you to download a fake anti-virus program
-Slow site loading (even though your download/upload speeds are fine). Some sites also won't load at all.

Here are some files associated with it (the trojan will create hidden folders and stow some of these files in them, which is why you may not be able to find them):

One thing about the Vundo family of viruses is that they have an online component, which is what makes them so hard to remove and why, when the scan finishes and it asks you to restart, you should unplug your network and/or internet as soon as your computer starts shutting down.

Out of morbid curiosity, did anyone catch the Vundo/Virtumonde trojan? I seem to have been smote with it around when MA went down. This thing is a pain in the ass. Hardly any anti-virus programs (avast!, AVG, etc. etc.) are able to remove it.

Virtumonde is an absolute son of a bitch. I've only been able to find ONE program that gets rid of it, and since I got mine I've been swearing by it:

I downloaded Malwarebytes' Anti-Malware as it's on the main page; the quick scan and removal seem to have gotten rid of whatever I had (scan showed a couple hundred trojans, malware files, and fake/ad alerts).